Loading ...
Loading ...
Loading ...
![](https://files.manualsfile.com/35368854-0465-001-eol/bg23.png)
AXIS P3354
System Options
HTTPS
HTTPS (Hype rTe xt Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web protocol providing e ncrypted browsing.
HTTPS can also be used by users and clients to verify that the correct device is being accessed. The security level provided by
HTTPS i s considered adequate for most commercial exchanges.
The Axis product can be configured to requir e HTTPS when us ers from diffe re nt user groups (administrator, operator, viewer) connect.
To use HTTPS, an HTTPS certificate must first be installed. Go to System Options > Security > Certificates to install and manage
certificates. See
Certificates, on page 36
.
To enable HTTPS on the Axis product:
1. Go to System Options > Security > HTTPS
2. Select an HTTPS certificate from the list o f installed certificates.
3. Optionally, click Ciphers and select the encryption algorithms to use for SSL.
4. Set the HTTPS Connection Policy forthedifferentusergroups.
5. Click Save to enable the settings.
To access the Axis product via the desired protocol, enter https:// or http:// in the address field in a browser.
The HTTPS po rt can be chan ged on the System Options > Network > TCP/IP > Advanced page.
IEEE 802.1X
IEEE 802.1X is a standard for port-based Network Admission Control providing secure authentication of wired and wireless ne
twork
devices. IEEE 802.1X is based on EAP (Extensible A uthentication Protocol).
To access a network protected b y IEEE 802.1X, devices must authenticate themselves. The authentication is performed by a
third-party e ntity called an authe ntic ation server, typically a RADIUS server, examples of which are FreeRADIUS and Microsoft
Internet Authentication Service.
In Axis' im plementation, the network device and the authent
ication server authenticate themselves with the help of digital
certificates using EAP-TLS (Extensible Authentication Protocol - Transport Layer Security). The certificates are provided by an
Certification Authority (CA ). You need:
•aCAcertificate to validate the identity of the authentication server
• a CA-signed client certifi ca te and a private key to a uthenticate the network device.
To allow the network device to access a network protected by IEEE 802.1X:
1. Obtain a CA certificate, a client certifi cate and a client private key (contact your network administrator).
2. Go to Setup > System O ptions > Security > IEEE 802.1X and upload the CA certificate, the client certificate and the
client p
rivate key.
3. Und
er Settings, select the EAPOL version, provide your EAP identity and private key password.
4. Check the box to enable IEEE 802.1X and click Save.
35
Loading ...
Loading ...
Loading ...